JFrog has uncovered GhostClaw, a fake OpenClaw npm package that stole Keychain passwords, cloud credentials, and crypto wallets from 178 macOS developers.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Chainguard is racing to fix trust in AI-built software - here's how ...

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

You won't have to switch to a browser as often.

The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear, a group tracked by Microsoft as Void Blizzard.

LeakNet ransomware uses ClickFix attacks on hacked sites to trick users into running malicious commands and stealing data.

ARC Raiders may crash, freeze, or close unexpectedly during startup, loading, or gameplay if it fails to initialize graphics drivers, memory, or core ...

Technical details of the vulnerabilities will be revealed once the majority of users are updated with a fix, said Google.

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.

CERT-In warned that older versions of Google Chrome contain critical vulnerabilities that are being actively exploited by ...

Google has confirmed an emergency Chrome security update amid reports that attackers are exploiting two zero-day vulnerabilities.